Check EVP_Digest* functions return value in openssl(1) ts

Move up md_ctx and add EVP_MD_CTX_free under the 'err:' label. CID 149810 comment and ok jsing@
author: inoguchi <> 2022-03-27 00:37:10 +0000
committer: inoguchi <> 2022-03-27 00:37:10 +0000
commit: cf5ecaedae5855d39116cfdc6e431f8aebc4c13f (patch)
tree: 120e72b67e66895610a3e24f5f093980d118caf5 /src/usr.bin
parent: 62e5583bb1b862560432775b3c0765db00173fc6 (diff)
download: openbsd-cf5ecaedae5855d39116cfdc6e431f8aebc4c13f.tar.gz
openbsd-cf5ecaedae5855d39116cfdc6e431f8aebc4c13f.tar.bz2
openbsd-cf5ecaedae5855d39116cfdc6e431f8aebc4c13f.zip
1 files changed, 16 insertions, 5 deletions
diff --git a/src/usr.bin/openssl/ts.c b/src/usr.bin/openssl/ts.c
index a05e9677bc..94da634b45 100644
--- a/src/usr.bin/openssl/ts.c
+++ b/src/usr.bin/openssl/ts.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts.c,v 1.22 2022/03/24 14:07:08 inoguchi Exp $ */
+/* $OpenBSD: ts.c,v 1.23 2022/03/27 00:37:10 inoguchi Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
 * project 2002.
 */
@@ -678,13 +678,14 @@ create_digest(BIO *input, char *digest, const EVP_MD *md,
    unsigned char **md_value)
 {
        int md_value_len;
+        EVP_MD_CTX *md_ctx = NULL;
        md_value_len = EVP_MD_size(md);
        if (md_value_len < 0)
                goto err;
        if (input != NULL) {
                /* Digest must be computed from an input file. */
-                EVP_MD_CTX *md_ctx;
                unsigned char buffer[4096];
                int length;
@@ -695,16 +696,24 @@ create_digest(BIO *input, char *digest, const EVP_MD *md,
                if ((md_ctx = EVP_MD_CTX_new()) == NULL)
                        goto err;
-                EVP_DigestInit(md_ctx, md);
+                if (!EVP_DigestInit(md_ctx, md))
+                        goto err;
                while ((length = BIO_read(input, buffer, sizeof(buffer))) > 0) {
-                        EVP_DigestUpdate(md_ctx, buffer, length);
+                        if (!EVP_DigestUpdate(md_ctx, buffer, length))
+                                goto err;
                }
-                EVP_DigestFinal(md_ctx, *md_value, NULL);
+                if (!EVP_DigestFinal(md_ctx, *md_value, NULL))
+                        goto err;
                EVP_MD_CTX_free(md_ctx);
+                md_ctx = NULL;
        } else {
                /* Digest bytes are specified with digest. */
                long digest_len;
                *md_value = string_to_hex(digest, &digest_len);
                if (*md_value == NULL || md_value_len != digest_len) {
                        free(*md_value);
@@ -716,7 +725,9 @@ create_digest(BIO *input, char *digest, const EVP_MD *md,
        }
        return md_value_len;
 err:
+        EVP_MD_CTX_free(md_ctx);
        return 0;
 }
author	inoguchi <>	2022-03-27 00:37:10 +0000
committer	inoguchi <>	2022-03-27 00:37:10 +0000
commit	cf5ecaedae5855d39116cfdc6e431f8aebc4c13f (patch)
tree	120e72b67e66895610a3e24f5f093980d118caf5 /src/usr.bin
parent	62e5583bb1b862560432775b3c0765db00173fc6 (diff)
download	openbsd-cf5ecaedae5855d39116cfdc6e431f8aebc4c13f.tar.gz openbsd-cf5ecaedae5855d39116cfdc6e431f8aebc4c13f.tar.bz2 openbsd-cf5ecaedae5855d39116cfdc6e431f8aebc4c13f.zip

diff --git a/src/usr.bin/openssl/ts.c b/src/usr.bin/openssl/ts.c index a05e9677bc..94da634b45 100644 --- a/src/usr.bin/openssl/ts.c +++ b/src/usr.bin/openssl/ts.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ts.c,v 1.22 2022/03/24 14:07:08 inoguchi Exp $ */	1	/* $OpenBSD: ts.c,v 1.23 2022/03/27 00:37:10 inoguchi Exp $ */
2	/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL	2	/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
3	* project 2002.	3	* project 2002.
4	*/	4	*/
@@ -678,13 +678,14 @@ create_digest(BIO input, char digest, const EVP_MD *md,
678	unsigned char **md_value)	678	unsigned char **md_value)
679	{	679	{
680	int md_value_len;	680	int md_value_len;
		681	EVP_MD_CTX *md_ctx = NULL;
681		682
682	md_value_len = EVP_MD_size(md);	683	md_value_len = EVP_MD_size(md);
683	if (md_value_len < 0)	684	if (md_value_len < 0)
684	goto err;	685	goto err;
		686
685	if (input != NULL) {	687	if (input != NULL) {
686	/* Digest must be computed from an input file. */	688	/* Digest must be computed from an input file. */
687	EVP_MD_CTX *md_ctx;
688	unsigned char buffer[4096];	689	unsigned char buffer[4096];
689	int length;	690	int length;
690		691
@@ -695,16 +696,24 @@ create_digest(BIO input, char digest, const EVP_MD *md,
695	if ((md_ctx = EVP_MD_CTX_new()) == NULL)	696	if ((md_ctx = EVP_MD_CTX_new()) == NULL)
696	goto err;	697	goto err;
697		698
698	EVP_DigestInit(md_ctx, md);	699	if (!EVP_DigestInit(md_ctx, md))
		700	goto err;
		701
699	while ((length = BIO_read(input, buffer, sizeof(buffer))) > 0) {	702	while ((length = BIO_read(input, buffer, sizeof(buffer))) > 0) {
700	EVP_DigestUpdate(md_ctx, buffer, length);	703	if (!EVP_DigestUpdate(md_ctx, buffer, length))
		704	goto err;
701	}	705	}
702	EVP_DigestFinal(md_ctx, *md_value, NULL);	706
		707	if (!EVP_DigestFinal(md_ctx, *md_value, NULL))
		708	goto err;
703		709
704	EVP_MD_CTX_free(md_ctx);	710	EVP_MD_CTX_free(md_ctx);
		711	md_ctx = NULL;
		712
705	} else {	713	} else {
706	/* Digest bytes are specified with digest. */	714	/* Digest bytes are specified with digest. */
707	long digest_len;	715	long digest_len;
		716
708	*md_value = string_to_hex(digest, &digest_len);	717	*md_value = string_to_hex(digest, &digest_len);
709	if (*md_value == NULL \|\| md_value_len != digest_len) {	718	if (*md_value == NULL \|\| md_value_len != digest_len) {
710	free(*md_value);	719	free(*md_value);
@@ -716,7 +725,9 @@ create_digest(BIO input, char digest, const EVP_MD *md,
716	}	725	}
717		726
718	return md_value_len;	727	return md_value_len;
		728
719	err:	729	err:
		730	EVP_MD_CTX_free(md_ctx);
720	return 0;	731	return 0;
721	}	732	}
722		733